If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

thanks for the reply cyber. i was being kind of impatient, i was waiting only 30 seconds or so for the victim to come back up, it is in fact disconnecting then reconnecting though...im new to the wireshark thing (im actually reading a pdf on it now) hopefully i can figure it out .
as far as command i used
aireplay-ng -0 3 -a (bssid) -c (client) wlan1

im looking through the caps with the eapol filter now to see if maybe airodump just didnt print it...

I am having the same issue like mohsen1...the last command with results of "sending 64 directed DeAuth...." is this wrong? or is it my crappy card that I cannot get a handshake? I cannot even get my card to inject (highly believe it's my driver issue)...thinking on getting a real card now if it's really the problem.

Just for reference, the "sending 64 directed DeAuth." message that you are seeing does not mean that 64 deauthentication attacks are being performed and is a perfectly normal output for directed deauthication. Aireplay-ng will send out 128 packets for each directed deauthentication, 64 packets to the AP and 64 packets to the client, this is what the message states.

I have highlighted the important part of the message. What these numbers mean is that, out of the 64 packets sent to each destination, 0 ACKs was returned by the client and 1 ACK from the AP. In other words the client is not able to hear your packets at all while the AP barely received one packet. Low values like this will tell you that you need to get closer to the target in question.

so what would be a good number of acks [0|0] ? i usually get 11 or better on each, is that good enough or is that still to low? i have my "man cave" setup in my detached garage [keeps kids and wife away while i play ]and my router is about 100 ft from me..i can surf fine from here but cannot get a 4 way handshake

so what would be a good number of acks [0|0] ? i usually get 11 or better on each, is that good enough or is that still to low? i have my "man cave" setup in my detached garage [keeps kids and wife away while i play ]and my router is about 100 ft from me..i can surf fine from here but cannot get a 4 way handshake

It is hard to say an exact number that could be considered good, but the higher the better is the rule of thumb.

In your case you are sending out 64 packets and only receiving 11 responses which means that 53 of the sent packets are dropped, that is roughly 83 %. As capturing the handshake requires that you intercept 4 consecutive packets, 2 sent from the AP and 2 from the client, such a high packet drop will prove to be problematic.

Thanks for the information Tron....I had over 100s acks for both client and AP...but still no success...now that I got the new card, I concluded it's an issue with my old card, because I got 4 way handshake instantly with the Alfa card. I finally got to experience what the injection test will show me..lol...I read through pages that negear MA401 works...now I need to research more to figure it out (tried flashing the card itself too)

Excellent tut just the like the two previous ones on wep I have used, thanks for the info.
Am also downloading your wordlist torrent but that is going to take some time as I am traveling at the moment and don't have regular access at my current location.

I do have a question about doing a dictionary crack, I can currently get about 80 Kp/s which is ok i suppose for my little eeepc 1.6 ghz, 1 gig ram. But the thing that bugs me is the display which shows multiple key attempts per second which is a waste of processor time in my opinion. I did a little programming a long time ago and when making a prime number generator the teacher showed me I could signafincatly speed up the process if I only displayed 1 in 10 of the numbers generated, he claimed the output to screen used a chunk of resources that were best left working on the prime numbers.
So my question is how do I get the screen output to only refresh once a minute, I don't want to turn it off all together as I like to know what letter I'm at plus I would like to know if it makes a noticable diffrence to Kp/s.

Excellent tut just the like the two previous ones on wep I have used, thanks for the info.
Am also downloading your wordlist torrent but that is going to take some time as I am traveling at the moment and don't have regular access at my current location.

I do have a question about doing a dictionary crack, I can currently get about 80 Kp/s which is ok i suppose for my little eeepc 1.6 ghz, 1 gig ram. But the thing that bugs me is the display which shows multiple key attempts per second which is a waste of processor time in my opinion. I did a little programming a long time ago and when making a prime number generator the teacher showed me I could signafincatly speed up the process if I only displayed 1 in 10 of the numbers generated, he claimed the output to screen used a chunk of resources that were best left working on the prime numbers.
So my question is how do I get the screen output to only refresh once a minute, I don't want to turn it off all together as I like to know what letter I'm at plus I would like to know if it makes a noticable diffrence to Kp/s.

I do not know how you would achieve this, but since the function is coded into the program already you will probably not achieve any improvement even if you can get the screen to refresh more seldom. The reason is that the program still will run the necessary code to display the attempts even though you might be able to prevent it from showing up, this is unless you actually manipulate the source code directly.

However, even though you do see multiple words per second I have a hard time believing that aircrack-ng will show each and every attempt. Most likely what you are seeing is already about 1/10 words so I think any improvement by further lowering this number would be diminishable.